Security issue <=2.2.1

  • Resolved caordawebsol

    (@caordawebsol)


    1 year, 4 months ago

    Hi,

    There’s a reported security issue with versions up to and including 2.2.1. Will there be a fix isssued?

    WP Meta and Date Remover plugin <= 2.2.1 – Broken Access Control vulnerability

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author prasadkirpekar

    (@prasadkirpekar)

    We have additional check for ajax callback function to check if it is admin user. So this is issue is not that big of a concern

    We are using SPA on admin page so we will implement CSRF accordingly in next version

    Plugin Author prasadkirpekar

    (@prasadkirpekar)

    We have updated plugin with fix

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security issue <=2.2.1’ is closed to new replies.